“Recently there’s been a lot of news about OpenSolaris, more specifically in reference to the great progress made by virtualization technologies in it. In this article, I will examine some of these technologies, and compare them with the state of the art on other platforms.”
Tully everything you could want for your virtualization needs, OpenSolaris is fast becoming an excellent addition to the Solaris line. Although it will take some time for Xen to be fully supported in Solaris ‘proper’, it’s great to see the progress the OpenSolaris project is making.
One thing that I, personally, would avoid is the Branded Zones solution. If I can already run Linux using a fully hardware virtualized environment, with hardware acceleration to boot, why would I want to run it using OS virtualization? I always thought that Branded Zones were a stopgap solution until something more robust came along, i.e. Xen.
Still, questions aside, thanks to the OpenSolaris project for all the hard work!
Here’s at least one good reason why branded zones can be useful:
http://blogs.sun.com/ahl/entry/dtrace_for_linux
Here’s another one:
http://blogs.sun.com/dp/date/20070905
(Somewhat bizarre that the article failed to mention LDoms at all BTW)
Yeah, those are two very good reasons. My bad :)
> I always thought that Branded Zones were a stopgap solution until something more robust came along, i.e. Xen.
I don’t think anyone on the inside would admit that, but I do think what you said is pretty much the case.
I deduced as much when I heard that there were no plans to ever update the linux branded zone from kernel 2.4 support.
> I deduced as much when I heard that there were no plans to ever update the linux branded zone from kernel 2.4 support.
Where did you hear that from?
See here for the current status of the experimental support: http://opensolaris.org/os/community/brandz/todo/linux_2_6/
Edited 2007-10-10 02:00
I meant that Sun had no plans to enhance it. I assumed nobody else would either, but on that I was wrong.
You’re right, Sun have not announced any plans as yet. I guess they are waiting to see how things pan out in OpenSolaris before bringing it back through to Solaris proper.
You assumed incorrectly. Somebody has started a 2.6.x kernel branded zone. Though it is work in progress….
http://www.opensolaris.org/os/community/brandz/todo/linux_2_6/
branded zones (like zones in general) have the advantage of being light weight – xen on the other hand…
Very true, a Linux installation using Xen would in no way be a lightweight solution.
Several people have posted some excellent reasons for using Branded Zones, i.e. the fact that you can deploy several zones that share disk space and resources.
Another interesting one was running the Solaris 8 userland. This would be an excellent solution for some of the NIS+ setups that I know of. As NIS+ has been deprecated in favor of LDAP, Sun no longer releases updated GUI tools to manage NIS+ domains (which they themselves recommend using when editing NIS+ DBs). You can tailor the Solaris 10 Admin GUI to deal with NIS+ but it is in no way as flexible as what was released for Solaris 8.
That last point may seem a bit archaic to some, and I’m sure others would push for a migration towards LDAP but not only is LDAP an incredibly complex beast to implement and manage, it’s also the first rule of system administration to not fix what ain’t broken :)
While zones are great, and Crossbow is a very exciting, and needed, development for zone security, I would not agree that OpenSolaris has everything I could want for my virtualization needs…
I guess I have to be the first to point out that Xen is only for x86 and x64, not SPARC. Neither Solaris nor OpenSolaris has a technology for SPARC like VMware’s VMotion or AIX’s Partition Relocation, where you can move running images between hosts. To be sure, that feature becomes indispensable once you start using it.
BrandZ are very lightweight. 50 of them or so take like 3% CPU utilization together. Each takes 40MB RAM and shares RAM. One guy started 1000 BrandZ in 1GB RAM.
Also with ZFS you can snapshot one master Linux (or different versions of Linux), and then deploy writable copies in one sec each. You can install Oracle version X in one copy, Oracle version Y in another, etc. and each copy just saves the differences, in a dynamically growing file system with ZFS. Everything is read from the master Linux snapshot installation. If you wish, you can do a snapshot on combination Oracle + Linux too. This way you can deploy a fully tested Oracle zone in one second if the need should arise. Also with Apache, or other software. Very lightweight. Each BrandZ has a unique IP address too. And safe too, you can’t break out from the zone. You can give root access to users, and if they mess up, you just delete the ZFS file system and deploy another copy in 1 sec. The master snapshot never gets touched.
Of course you don’t have to stick to Linux with BrandZ. Pure Solaris works fine too. Solaris + Oracle in one second. In future FreeBSD too. etc.
The full power comes from BrandZ + ZFS. And you can toss in DTrace to see exactly what’s going on in the system.
People just don’t get it. They think ZFS is another ordinary file system, albeit newer. The same with BrandZ. The Unix philosophy is to have one tool doing well, and the power comes from the interaction. ZFS and BrandZ and DTrace follow that principle. People that have failed to grasp that principle think that there is nothing special with unix grep and pipe and so. They think a monolithic application works as well. They should try it out themselves to see all the goodies. Often they are Windows people.
ZFS is amazing and anyone who has ever played with software RAID and/or LVM has to give ZFS a shot. I finally did so yesterday using just vmware and I’m extremely impressed with ZFS. It’s the future, plain and simple.
Indeed. I have been working with Qemu on FreeBSD and also started to experiment with Xen on NetBSD. I am not sure why FreeBSD has not been able to port Xen as domain0 but after having set up Xen on NetBSD I can understand why.
I think in the longer term, jails and similar container techniques will be the way for native isolation and then some form of kernel virtualization for full unmodified OS support (like Linux KVM).
How is the speed of Xen HVM Windows as opposed to Linux KVM or Qemu emulation? I have seen early results but that’s when KVM was first included in the kernel.
Why would you want to run a Linux VM if your application will work just fine in BrandZ? A VM has a pretty huge footprint, while BrandZ does not.